Zero-knowledge undeniable signatures (extended abstract)
EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
Abuse-Free Optimistic Contract Signing
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Adaptive Security for Threshold Cryptosystems
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Convertible Undeniable Signatures
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Designated Confirmer Signatures and Public-Key Encryption are Equivalent
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Efficient Fair Exchange with Verifiable Confirmation of Signatures
ASIACRYPT '98 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
Off-Line Fair Payment Protocols Using Convertible Signatures
ASIACRYPT '98 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
Efficient Zero-Knowledge Proofs of Knowledge Without Intractability Assumptions
PKC '00 Proceedings of the Third International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Constructing fair-exchange protocols for E-commerce via distributed computation of RSA signatures
Proceedings of the twenty-second annual symposium on Principles of distributed computing
Breaking and repairing optimistic fair exchange from PODC 2003
Proceedings of the 3rd ACM workshop on Digital rights management
Universally Composable Protocols with Relaxed Set-Up Assumptions
FOCS '04 Proceedings of the 45th Annual IEEE Symposium on Foundations of Computer Science
Efficient designated confirmer signature from bilinear pairings
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Programmable Hash Functions and Their Applications
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Ambiguous Optimistic Fair Exchange
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Designated verifier proofs and their applications
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Secure hash-and-sign signatures without the random oracle
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Confirmer signature schemes secure against adaptive adversaries
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Full-domain subgroup hiding and constant-size group signatures
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
On the generic and efficient constructions of secure designated confirmer signatures
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
Optimistic fair exchange in a multi-user setting
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
Designated confirmer signatures revisited
TCC'07 Proceedings of the 4th conference on Theory of cryptography
Invisibility and anonymity of undeniable and confirmer signatures
CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
Efficient non-interactive proof systems for bilinear groups
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology
Efficient designated confirmer signatures without random oracles or general zero-knowledge proofs
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Optimistic fair exchange of digital signatures
IEEE Journal on Selected Areas in Communications
An efficient construction of time-selective convertible undeniable signatures
ISC'11 Proceedings of the 14th international conference on Information security
Designated confirmer signatures with unified verification
IMACC'11 Proceedings of the 13th IMA international conference on Cryptography and Coding
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Information Sciences: an International Journal
Hi-index | 0.00 |
Designated confirmer signature (DCS) extends undeniable signature so that a party called confirmer can also confirm/disavow nonself-authenticating signatures on the signer's behalf. Previous DCS constructions, however, can only let the signer confirm her own signatures but not disavow an invalid one. Only confirmer is able to disavow. In this work, we propose a new suite of security models for DCS by adding the formalization that the signer herself can do both confirmation and disavowal. We also propose a new DCS scheme and prove its security in the standard model. The new DCS scheme is efficient. A signature in this new DCS consists of only three group elements (i.e. 60 bytes altogether for 80-bit security). This is much shorter than any of the existing schemes; it is less than 12% in size of the Camenisch-Michels DCS scheme (Eurocrypt 2000); and it also compares favorably with those proven in the random oracle model, for example, it is less than 50% in size of the Wang et al.'s DCS scheme (PKC 2007). This new DCS scheme also possesses a very efficient signature conversion algorithm. In addition, the scheme can be easily extended to support multiple confirmers (and threshold conversion). To include an additional confirmer, the signer needs to add only one group element into the signature. Due to the highly efficient properties of this new DCS scheme, we are able to build a practical ambiguous optimistic fair exchange (AOFE) scheme which has short partial and full signatures. A partial signature consists of three elements in an elliptic curve group and four in Zp (altogether 140 bytes), and a full signature has only three group elements (altogether 60 bytes), which are about 70% and 21% in size when compared with Garay et al.'s scheme (Crypto 1999), respectively.